ports/75168: [security] update net/samba3 to 3.0.10
Joerg Pulz
Joerg.Pulz at frm2.tum.de
Thu Dec 16 20:50:31 UTC 2004
>Number: 75168
>Category: ports
>Synopsis: [security] update net/samba3 to 3.0.10
>Confidential: no
>Severity: serious
>Priority: medium
>Responsible: freebsd-ports-bugs
>State: open
>Quarter:
>Keywords:
>Date-Required:
>Class: sw-bug
>Submitter-Id: current-users
>Arrival-Date: Thu Dec 16 20:50:31 GMT 2004
>Closed-Date:
>Last-Modified:
>Originator: Joerg Pulz
>Release: FreeBSD 5.3-RELEASE-p1 i386
>Organization:
TU-Munich / ZWE FRM-II
>Environment:
System: FreeBSD hades.admin.frm2 5.3-RELEASE-p1 FreeBSD 5.3-RELEASE-p1 #10: Fri Nov 19 18:49:33 CET 2004 jpulz at hades.admin.frm2:/usr/obj/usr/src/sys/HADES i386
>Description:
- security update for net/samba3 to 3.0.10
> see: http://us1.samba.org/samba/security/CAN-2004-1154.html
Additionally
- make SAMBA_CONFDIR user defineable like SAMBA_PRIVATE
> therefor set RC_DIR to ${PREFIX}/etc/rc.d
instead of ${SAMBA_CONFDIR}/rc.d
> small changes to pkg-plist and PLIST_SUB
> the samba.sh script is able to handle this without modifications
please, please, please don't remove the user defineable SAMBA_CONFDIR
stuff. I like it very much and it is running on all my machines this way
for several versions now. It is really annoying to change this ever and
ever again for every update on every machine.
>How-To-Repeat:
>Fix:
- remove net/samba3/files/patch-script_installswat.sh
(this is fixed in 3.0.10)
- apply the patch
--- samba-3_0_10.diff begins here ---
Index: Makefile
===================================================================
RCS file: /home/ncvs/ports/net/samba3/Makefile,v
retrieving revision 1.131
diff -u -r1.131 Makefile
--- Makefile 23 Nov 2004 17:34:51 -0000 1.131
+++ Makefile 16 Dec 2004 20:19:33 -0000
@@ -6,7 +6,7 @@
#
PORTNAME= samba
-PORTVERSION= 3.0.9
+PORTVERSION= 3.0.10
PORTREVISION?= 0
PORTEPOCH?= 1
CATEGORIES?= net
@@ -33,10 +33,10 @@
SAMBA_RUNDIR= ${VARDIR}/run
SAMBA_LOCKDIR?= ${VARDIR}/db/samba
SAMBA_PRIVATE?= ${PREFIX}/private
-SAMBA_CONFDIR= ${PREFIX}/etc
+SAMBA_CONFDIR?= ${PREFIX}/etc
SAMBA_SWATDIR= ${PREFIX}/share/swat
SAMBA_LIBDIR= ${PREFIX}/lib
-RC_DIR= ${SAMBA_CONFDIR}/rc.d
+RC_DIR= ${PREFIX}/etc/rc.d
SAMBA_CONFIG= ${SAMBA_CONFDIR}/smb.conf
CONFIGURE_ENV+= CPPFLAGS=-I${LOCALBASE}/include \
@@ -259,7 +259,8 @@
PLIST_SUB+= RC_DIR=${RC_DIR} \
SAMBA_LOGDIR=${SAMBA_LOGDIR} \
- SAMBA_LOCKDIR=${SAMBA_LOCKDIR}
+ SAMBA_LOCKDIR=${SAMBA_LOCKDIR} \
+ SAMBA_CONFIG=${SAMBA_CONFIG}
RC_SCRIPTS_SUB= PREFIX=${PREFIX} \
CUPS=${CUPS} \
Index: distinfo
===================================================================
RCS file: /home/ncvs/ports/net/samba3/distinfo,v
retrieving revision 1.60
diff -u -r1.60 distinfo
--- distinfo 23 Nov 2004 17:34:51 -0000 1.60
+++ distinfo 16 Dec 2004 20:19:33 -0000
@@ -1,2 +1,2 @@
-MD5 (samba-3.0.9.tar.gz) = 9cf2bcef71509a81687dec8732545400
-SIZE (samba-3.0.9.tar.gz) = 15172821
+MD5 (samba-3.0.10.tar.gz) = b19fd86d3c11a1b43f75a5988cd9ceeb
+SIZE (samba-3.0.10.tar.gz) = 15176926
Index: pkg-plist
===================================================================
RCS file: /home/ncvs/ports/net/samba3/pkg-plist,v
retrieving revision 1.57
diff -u -r1.57 pkg-plist
--- pkg-plist 23 Nov 2004 17:34:51 -0000 1.57
+++ pkg-plist 16 Dec 2004 20:19:33 -0000
@@ -23,8 +23,8 @@
%%WINBIND%%bin/wbinfo
@unexec %D/etc/rc.d/samba.sh forcestop 2>/dev/null || true
etc/rc.d/samba.sh
- at unexec if cmp -s %D/etc/smb.conf %D/etc/smb.conf.default; then rm -f %D/etc/smb.conf; fi
-etc/smb.conf.default
+ at unexec if cmp -s %%SAMBA_CONFIG%% %%SAMBA_CONFIG%%.default; then rm -f %%SAMBA_CONFIG%%; fi
+ at unexec rm -f %%SAMBA_CONFIG%%.default 2>/dev/null || true
sbin/smbd
sbin/nmbd
sbin/swat
@@ -434,6 +434,7 @@
share/swat/help/nmbd.8.html
share/swat/help/nmblookup.1.html
share/swat/help/ntlm_auth.1.html
+share/swat/help/pam_winbind.8.html
share/swat/help/pdbedit.8.html
share/swat/help/profiles.1.html
share/swat/help/rpcclient.1.html
Index: files/patch-lib_util_str.c
===================================================================
RCS file: /home/ncvs/ports/net/samba3/files/patch-lib_util_str.c,v
retrieving revision 1.1
diff -u -r1.1 patch-lib_util_str.c
--- files/patch-lib_util_str.c 18 May 2004 14:52:47 -0000 1.1
+++ files/patch-lib_util_str.c 16 Dec 2004 20:19:33 -0000
@@ -1,23 +1,23 @@
---- lib/util_str.c.orig Tue Apr 20 22:42:55 2004
-+++ lib/util_str.c Fri May 14 02:02:30 2004
-@@ -1980,10 +1980,16 @@
+--- lib/util_str.c.orig Thu Dec 16 20:46:53 2004
++++ lib/util_str.c Thu Dec 16 20:48:54 2004
+@@ -2008,10 +2008,16 @@
{
int bits = 0;
int char_count = 0;
- size_t out_cnt = 0;
- size_t len = data.length;
- size_t output_len = data.length * 2;
-- char *result = malloc(output_len); /* get us plenty of space */
+- char *result = SMB_MALLOC(output_len); /* get us plenty of space */
+ size_t out_cnt, len, output_len;
+ char *result;
+
-+ if (!data.length || !data.data)
++ if (!data.length || !data.data)
+ return NULL;
+
+ out_cnt = 0;
+ len = data.length;
+ output_len = data.length * 2;
-+ result = malloc(output_len); /* get us plenty of space */
++ result = SMB_MALLOC(output_len); /* get us plenty of space */
while (len-- && out_cnt < (data.length * 2) - 5) {
int c = (unsigned char) *(data.data++);
--- samba-3_0_10.diff ends here ---
>Release-Note:
>Audit-Trail:
>Unformatted:
More information about the freebsd-ports-bugs
mailing list